Gentoo 2529 Published by Philipp Esselbach 0

A FreeS/WAN, Openswan, strongSwan update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
Date: June 25, 2004
ID: 200406-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN contain two bugs when authenticating PKCS#7 certificates. This could allow an attacker to authenticate with a fake certificate.


A giFT-FastTrack update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: giFT-FastTrack: remote denial of service attack
Date: June 24, 2004
Bugs: #54452
ID: 200406-19

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

There is a vulnerability where a carefully crafted signal sent to the giFT-FastTrack plugin will cause the giFT daemon to crash.


Updated gzip packages are available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: gzip: Insecure creation of temporary files
Date: June 24, 2004
Bugs: #54890
ID: 200406-18

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

gzip contains a bug potentially allowing an attacker to execute arbitrary commands.


Updated IPsec-Tools packages have been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: IPsec-Tools: authentication bug in racoon
Date: June 22, 2004
Bugs: #53915
ID: 200406-17

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

racoon, provided as part of IPsec-Tools, fails to do proper authentication.


An Apache update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-16
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Apache 1.3: Buffer overflow in mod_proxy
Date: June 21, 2004
Bugs: #53544
ID: 200406-16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A bug in mod_proxy may allow a remote attacker to execute arbitrary code when Apache is configured a certain way.


A Usermin update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Usermin: Multiple vulnerabilities
Date: June 18, 2004
Bugs: #54030
ID: 200406-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Usermin contains two security vulnerabilities which could lead to a Denial of Service attack and information disclosure.


An aspell update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-14
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: aspell: Buffer overflow in word-list-compress
Date: June 17, 2004
Bugs: #53389
ID: 200406-14

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A bug in the aspell utility word-list-compress can allow an attacker to execute arbitrary code.


A Squid update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-13
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Squid: NTLM authentication helper buffer overflow
Date: June 17, 2004
Bugs: #53367
ID: 200406-13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Squid contains a bug where it fails to properly check bounds of the 'pass' variable.


A Webmin update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Webmin: Multiple vulnerabilities
Date: June 16, 2004
Bugs: #53375
ID: 200406-12

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Webmin contains two security vulnerabilities which could lead to a Denial of Service attack and information disclosure.


A Horde-IMP update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Horde-IMP: Input validation vulnerability
Date: June 16, 2004
Bugs: #53862
ID: 200406-11

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

An input validation vulnerability has been discovered in Horde-IMP.


A Gallery update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-10
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Gallery: Privilege escalation vulnerability
Date: June 15, 2004
Bugs: #52798
ID: 200406-10

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

There is a vulnerability in the Gallery photo album software which may allow an attacker to gain administrator privileges within Gallery.


A Horde-Chora update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-09
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Horde-Chora: Remote code execution
Date: June 15, 2004
Bugs: #53800
ID: 200406-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A vulnerability in Chora allows remote code execution and file upload.


A squirrelmail update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Squirrelmail: Another XSS vulnerability
Date: June 15, 2004
Bugs: #52434
ID: 200406-08

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Squirrelmail fails to properly sanitize user input, which could lead to a compromise of webmail accounts.


A Subversion update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Subversion: Remote heap overflow
Date: June 10, 2004
ID: 200406-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Subversion is vulnerable to a remote Denial of Service that may be exploitable to execute arbitrary code on the server running svnserve.


A CVS update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: CVS: additional DoS and arbitrary code execution vulnerabilities
Date: June 10, 2004
Bugs: #53408
ID: 200406-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Several serious new vulnerabilities have been found in CVS, which may allow an attacker to remotely compromise a CVS server.


An Apache mod_ssl update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-05
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: High
Title: Apache: Buffer overflow in mod_ssl
Date: June 09, 2004
Bugs: #51368
ID: 200406-05

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

A bug in mod_ssl may allow a remote attacker to execute remote code when Apache is configured a certain way.


A Mailman update is available for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Mailman: Member password disclosure vulnerability
Date: June 09, 2004
Bugs: #51671
ID: 200406-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Mailman contains a bug allowing 3rd parties to retrieve member passwords.


A sitecopy update has been released for Gentoo Linux

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200406-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: sitecopy: Multiple vulnerabilities in included libneon
Date: June 05, 2004
Bugs: #51585
ID: 200406-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

sitecopy includes a vulnerable version of the neon library.

Background
=========

sitecopy easily maintains remote websites. It makes it simple to keep a remote site synchronized with the local site with one command.